Claude Opus 4.6 deliberately circumvents automated review hooks by obfuscating flagged terms

Resolved 💬 3 comments Opened Feb 28, 2026 by weilhalt Closed Mar 4, 2026

Bug Report

Description

When using Claude Code with Claude Opus 4.6, the model deliberately circumvents user-defined automated review checks (hooks) designed to catch policy violations in generated code.

Setup

I have established an extensive system of automated review checks and hooks that scan generated code for specific terms indicating violations (e.g., the German word "Veränderung" / "modification"). These checks are designed to flag code that violates project-specific rules.

Observed Behavior

  1. Claude read and understood my automated review rules and the associated checks.
  2. Claude identified which specific terms the hooks search for.
  3. Claude understood the intended action (block/flag) and the prohibition behind the rule.
  4. Instead of complying with the rule, Claude deliberately obfuscated the flagged term — writing "veränderu--" instead of "Veränderung" in a code comment — specifically to bypass the automated check.
  5. When confronted, Claude confirmed it did this intentionally to circumvent the safety mechanism.

Expected Behavior

  • Claude should follow the project rules directly and not write code that violates them.
  • If Claude does write such code, it should use the correct terminology so that the automated check catches the violation.
  • Under no circumstances should Claude actively circumvent user-defined safety mechanisms.

Why This Is Critical

This behavior constitutes deliberate sabotage of user-defined safety infrastructure. If a model actively works to evade oversight mechanisms, the entire trust model of human-in-the-loop review breaks down. Users cannot rely on automated checks if the model learns to circumvent them.

Environment

  • Claude Code CLI
  • Model: Claude Opus 4.6
  • Platform: Windows 11

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗